Chirurgia endoscopică a hipofizei
"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală. Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale. www.neurohope.ro |
Intel CPU - Design flaw in fiecare procesor din ultimii 10 ani
Last Updated: Mar 12 2021 19:26, Started by
ct03nut
, Jan 03 2018 09:08
·
0
#1477
Posted 17 December 2018 - 21:35
Discutam pentru ca aproape 1 an de zile am fost tinuti in ceata pentru niste banalitati fara atacuri confirmate cum spui tu.
|
#1478
Posted 17 December 2018 - 22:34
Mb b450 check, DDR4 3200 MHz check...așteptam o promoție la 2600x sau 2700x
|
#1479
Posted 19 December 2018 - 21:51
BlackHat Asia 2019 - 26-29 martie 2019
Intel VISA: Through the Rabbit Hole https://www.blackhat...bbit-hole-13513 Quote With VISA, we succeeded in partially reconstructing the internal architecture of PCH and, within the chip, discovered dozens of devices that are invisible to the user yet are able to access certain critical data. In our talk, we will demonstrate how to read signals from PCH internal buses (for example, IOSF Primary and Side Band buses and Intel ME Front Side Bus) and other security-sensitive internal devices. Ghosts in a Nutshell https://www.blackhat...-nutshell-13755 How to Survive the Hardware Assisted Control-Flow Integrity Enforcement https://www.blackhat...forcement-13867 Edited by Arthos, 19 December 2018 - 21:55. |
#1480
Posted 20 December 2018 - 08:42
Dacã spectre și meltdown erau improbabil sa poatã fi folosite proactiv în ferme, astea sunt și mai puțin probabil sa poatã fi exploatate.
Deci, da. Foarte bine ca cineva pierde timpul cãutând nodul din papura... In felul asta ușor ușor platforma numãrul 1 va deveni impenetrabia indiferent de tipul de atac. |
#1481
Posted 13 February 2019 - 11:21
Cornell University / Graz University of Technology : Practical Enclave Malware with Intel SGX
1902.03256.pdf 234.38K 0 downloads POC : https://github.com/sgxrop/sgxrop Quote
Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat model is realistic. In particular, it is unclear to what extent enclave malware could harm a system. In this work, we practically demonstrate the first enclave malware which fully and stealthily impersonates its host application. Together with poorly-deployed application isolation on personal computers, such malware can not only steal or encrypt documents for extortion, but also act on the user's behalf, e.g., sending phishing emails or mounting denial-of-service attacks. Our SGX-ROP attack uses new TSX-based memory-disclosure primitive and a write-anything-anywhere primitive to construct a code-reuse attack from within an enclave which is then inadvertently executed by the host application. With SGX-ROP, we bypass ASLR, stack canaries, and address sanitizer. We demonstrate that instead of protecting users from harm, SGX currently poses a security threat, facilitating so-called super-malware with ready-to-hit exploits. With our results, we seek to demystify the enclave malware threat and lay solid ground for future research on and defense against enclave mal Intel SGX 'safe' room easily trashed by white-hat hacking marauders: Enclave malware demo'd Quote "The enclave has to run locally, but the trigger signal to run the exploit comes from a remote adversary in the scenarios we describe," said Gruss in an email to The Register. Quote "With SGX-ROP, we bypassed ASLR, stack canaries, and address sanitizer, to run ROP gadgets in the host context enabling practical enclave malware," the researchers claim, noting that the entire exploit process can be accomplished in about 20 seconds. Si raspunsul Intel : Quote Intel is aware of this research which is based upon assumptions that are outside the threat model for Intel SGX. The value of Intel SGX is to execute code in a protected enclave; however, Intel SGX does not guarantee that the code executed in the enclave is from a trusted source. In all cases, we recommend utilizing programs, files, apps, and plugins from trusted sources. Protecting customers continues to be a critical priority for us and we would like to thank Michael Schwarz, Samuel Weiser, and Daniel Grus for their ongoing research and for working with Intel on coordinated vulnerability disclosure. |
#1482
Posted 13 February 2019 - 11:28
pai si care ar fi concluzia aici?
gen bagi al mai smeker seif la banca, dar sefu de banca e corupt si fura... ce poa sa faca seifu? |
#1483
Posted 04 March 2019 - 18:34
BlueHat IL 2019 Abstracts
Ido Li On & Uri Farkas - The AMDFlaws Story: Technical Deep Dive Quote Since the last of AMDFlaws is now patched, our team is ready to reveal the technical details of our 8 months of research into the security of AMD’s latest Ryzen and Epyc processors. [ https://www.youtube-nocookie.com/embed/YoMQxb0ZdK0?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] The Current Spectre / Meltdown Mitigation Overhead Benchmarks On Linux 5.0 Quote Of 57 benchmarks tested on these three systems with the Linux 5.0 kernel, the Core i9 7980XE performance was down by about 13% based upon the geometric mean of all the test results. The Intel Core i7 8086K performance was down by 17% with these out-of-the-box protections for Spectre and Meltdown. The AMD Ryzen 7 2700X performance with its default Spectre mitigations was lower by just 3%. Edited by Arthos, 04 March 2019 - 18:34. |
#1484
Posted 05 March 2019 - 17:28
All Intel chips open to new Spoiler non-Spectre attack: Don't expect a quick fix
https://www.zdnet.co...ct-a-quick-fix/ SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability https://www.theregis...ler_intel_flaw/ |
#1485
Posted 06 March 2019 - 14:13
IEEE : How the Spectre and Meltdown Hacks Really Worked
MzIzODYxMA.jpeg 91.76K 6 downloads MzIzODYyNw.jpeg 260.79K 8 downloads |
#1486
Posted 06 March 2019 - 16:38
vad ca se tot vorbeste atat de mult teoretic.
a fost pus in practica de cineva? |
|
#1488
Posted 07 March 2019 - 00:41
Ca tot am devenit capitalist prin postarile unora o sa emit urmatoarea teorie personala:
Recunoasterea unui incident de securitate bazat pe exploatarea acestor brese este neprofitabil fiind mult mai eficient si economic ascunderea lui cu departamentul de PR ;> |
#1489
Posted 07 March 2019 - 10:45
diZy, on 06 martie 2019 - 22:37, said: Researchers have gathered more than 130 samples of malware that try to exploit Meltdown and Spectre, although most appear to be proof-of-concept code rather than being used in attacks.sunt destul de sigur ca daca cel putin unu era utilizat efectiv in atacuri, ar fi scris mare si cu rosu despre el. so... again... mult tamtam.... nimic practic. |
#1490
Posted 07 March 2019 - 15:04
Articolul citat este din 1 februarie 2018 si este destul de elocvent pentru oricine intelege graficul atasat :
dupehdmwaaezfpa.jpg 32.44K 3 downloads In 2 zile de la publicarea documentelor cu POC-urile aferente avem deja primele implementari in the wild, 3 saptamani mai tarziu numarul acestora ajungand la 120. |
#1491
Posted 07 March 2019 - 15:19
mda... implementari poate face ORICINE. au fost folosite? efectiv? sa fure date? gen.. "spectre was used to steal data from company X"? Edited by shmu, 07 March 2019 - 15:23. |
|
#1492
Posted 07 March 2019 - 15:33
mda... daca nu am auzit de ele inseamna ca NU EXISTA. case closed. shmu for president :> Edited by Arthos, 07 March 2019 - 15:35. |
#1493
Posted 07 March 2019 - 16:00
da, nu am zis ca nu exista.
doar ca se face atat de mult tam tam, ca si cum ar fi sfarsitu lumii, si totusi la 1 an dupa, aparent nu e nici o tragedie. adica... s-au furat enorm de multe alte date prin alte metode... si nu s-a discutat atat de mult despre alea... si totusi despre kktu asta se discuta atat de mult si aparent nu prea a fost pus in practica.. doar teoretic. POC |
#1494
Posted 07 March 2019 - 16:38
Poti contacta AMD, Intel, etc pentru a afla de ce isi bat capul cu mitigarea lor, ei fiind in masura sa iti raspunda.
|
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users